Asmap: avoid connecting to certain AS #26353

brunoerg opened this issue on October 20, 2022
  1. brunoerg commented at 4:26 PM on October 20, 2022: contributor

    While studying asmap, I could understand that Core tries to connect to at most one peer per AS, like: [image]

    Supposing I don't want to have my node connected to Amazon or Digital Ocean, doesn't it make sense to make it possible to set up my node to avoid connecting to certain AS (something like -asmapavoid=abc,bca,cba...)?

  2. brunoerg added the label Feature on Oct 20, 2022
  3. shaavan commented at 6:27 PM on October 20, 2022: contributor

    After reading your issue, I did some reading on the Erebus attack and how asmaps are used as a potential method to make them far more complex. After reading it, I would like to explain why I think this feature might not be an excellent idea.

    Let me take an example to explain my point:

    • Say you studied the Internet maps, and your node identified the ten autonomous systems or potential bottlenecks (PB) in the world and connected to an IP belonging to each PB.
    • Now you decided that you don't want to be connected to two of those PB, so you told your node to avoid touching IPs.
    • But considering the limit of the extent to which Internet Maps are built, there is a finite chance that the rest of those 8 PBs are actually passing through a single master entity, and now you can be eclipsed.
    • In general, when all things are kept equal, the probability of 8 PBs controlled by a single entity will be higher than 10 PBs controlled by a single entity. So "Banning" a PB increases the chance of you getting eclipsed.

    The example may sound far-fetched, but Erebus attacks are discussed with large entities (like a big IP provider) and Black Swan events in mind.

    One thing I might have missed in this answer is the reasoning behind "Banning" a PB. So I would like to understand why someone would want to "Ban" a PB.

  4. sipa commented at 7:24 PM on October 20, 2022: member

    There may be other reasons why you'd want to ban based on AS, which are unrelated to Erebus. For example, lots of spy nodes or otherwise useless/malicious nodes on a particular AS.

    IIRC there was an issue or PR about extending the ban RPC to include ASNs (in addition to IP ranges), but I'm not sure where to find it now.

  5. shaavan commented at 6:55 AM on October 21, 2022: contributor

    > IIRC, there was an issue or PR about extending the ban RPC to include ASNs (in addition to IP ranges), but I'm not sure where to find it now.

    Yes, I can find an issue posted by you that talks about this. #19129

    > It would be useful if it were possible to ban IP ranges not just by netmask, but also by ASN number (as provided by asmap).

    > For example, lots of spy nodes or otherwise useless/malicious nodes on a particular AS.

    This sounds like a fair reason to ban an AS. So do you think there should be an upper limit to how many AS one user can ban? Because say, in extreme cases, if it bans all but one AS in the world, this node is largely susceptible to Erebus-like attacks.

  6. naumenkogs commented at 8:41 AM on November 7, 2022: member

    @brunoerg I think it's a neat idea. At the same time, if you just like asmap and want to contribute, it would probably be more useful to facilitate making asmap default :) I had some ideas here a while ago, so that might be somewhat outdated.

  7. brunoerg commented at 2:27 PM on November 7, 2022: contributor

    @naumenkogs Cool, gonna take a look at it!

  8. willcl-ark commented at 2:48 PM on October 14, 2024: member
  9. willcl-ark closed this on Oct 14, 2024

  10. bitcoin locked this on Oct 14, 2025
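
A sketch of the behaviour discussed in this thread, added here as an example and not Bitcoin Core code: one outbound peer per AS, an avoid list like the proposed -asmapavoid, and a floor on remaining diversity reflecting the concern raised in comment 5. The prefix table, the function names and the `min_groups` parameter are assumptions made for illustration.

```python
import ipaddress

# Constructed prefix-to-ASN table standing in for an asmap file
# (documentation IP ranges, private-use ASNs; not real routing data).
PREFIX_TO_ASN = {
    "192.0.2.0/25": 64500,
    "192.0.2.128/25": 64501,
    "198.51.100.0/24": 64502,
    "203.0.113.0/24": 64503,
}
# Most specific prefix first, so the first hit is the longest match.
_TABLE = sorted(
    ((ipaddress.ip_network(p), asn) for p, asn in PREFIX_TO_ASN.items()),
    key=lambda entry: entry[0].prefixlen,
    reverse=True,
)

def asn_for(ip):
    """Return the ASN for an IPv4 address, or 0 if the table has no mapping."""
    addr = ipaddress.ip_address(ip)
    return next((asn for net, asn in _TABLE if addr in net), 0)

def group_key(ip):
    """Bucket by AS when mapped; otherwise by /16 (IPv4-only fallback in this sketch)."""
    asn = asn_for(ip)
    if asn:
        return ("as", asn)
    return ("net", str(ipaddress.ip_network(f"{ip}/16", strict=False)))

def select_outbound(candidates, avoid=frozenset(), max_peers=8, min_groups=1):
    """Pick at most one peer per group, skipping avoided ASNs.

    Raises ValueError when the avoid list leaves fewer than min_groups
    distinct groups, i.e. too little diversity to resist an eclipse.
    """
    chosen, used = [], set()
    for ip in candidates:
        key = group_key(ip)
        if asn_for(ip) in avoid or key in used:
            continue
        chosen.append((ip, asn_for(ip)))
        used.add(key)
        if len(chosen) == max_peers:
            break
    if len(used) < min_groups:
        raise ValueError(f"only {len(used)} group(s) left after avoiding {sorted(avoid)}")
    return chosen

CANDIDATES = ["192.0.2.10", "192.0.2.20", "192.0.2.200", "198.51.100.7",
              "203.0.113.9", "10.1.2.3", "10.1.9.9"]  # constructed
```

Raising `min_groups` turns an overly long avoid list into a hard error instead of a silently narrowed peer set.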

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-02 12:13 UTC